WELCOME !WELCOME !GABRIEL SORIN POPOVICIGABRIEL SORIN POPOVICI

Bucharest – ROMANIABucharest – ROMANIA25 and ½ 25 and ½

popovici.gabriel@gmail.compopovici.gabriel@gmail.com

ACADEMIC CAREER ACADEMIC CAREER

Polytechnic University of Bucharest, RomaniaPolytechnic University of Bucharest, RomaniaFaculty of Automatic Control and ComputersFaculty of Automatic Control and Computers

““System Science and Computer Automatics Control”System Science and Computer Automatics Control”

University of Turin, Italy University of Turin, Italy Department of Computer ScienceDepartment of Computer Science

““Leonardo da Vinci mobility project ” Leonardo da Vinci mobility project ”

Id SystemsId Systems HealthCareHealthCare

Electronic Patient cardElectronic Patient card

Id SystemsId Systems E-votingE-voting

Web analytics softwareWeb analytics software

PROFESSIONAL CAREERPROFESSIONAL CAREER

Web portal developmentWeb portal development

E-commerce E-commerce www.tornado.rowww.tornado.ro www.denovo.rowww.denovo.ro

- - Tornado Systems Srl, Bucharest Romania –Tornado Systems Srl, Bucharest Romania –

E-bankingE-banking www.findomestic.itwww.findomestic.it

- - Blue Reply Srl, Turin, Italy –Blue Reply Srl, Turin, Italy –

Web tracking systems – Id systemsWeb tracking systems – Id systems Police driver faults Police driver faults Vehicle registration systemVehicle registration system Computer based examination portalComputer based examination portal

- Canadian Bank Note International Europe Srl, Bucharest Romania - Canadian Bank Note International Europe Srl, Bucharest Romania --

CBN ROMANIACBN ROMANIA

Identification Systems Identification Systems

Passports, Issuing Systems & Border Control SolutionsPassports, Issuing Systems & Border Control Solutions

Issuing/printing high value secure documentsIssuing/printing high value secure documents

Interface/Connection to major national systemsInterface/Connection to major national systems

Interface with the Auto Registry SystemInterface with the Auto Registry System Interface with the Insurance SystemInterface with the Insurance System Interface with the Companies National Registry SystemInterface with the Companies National Registry System Interface with the Population RegistryInterface with the Population Registry

DRIVER FAULTDRIVER FAULT

Driver PointsDriver Points

Status driver Status driver License License

Fault Law TypeFault Law Type

Place FaultPlace Fault

ObservationsObservations

DISPATCHERDISPATCHER

Lists all Vehiclesby Toyota brand,Red Color

ELECTRONIC PATIENT CARDELECTRONIC PATIENT CARDDevelopment Frameworks – Java API Development Frameworks – Java API

Smart card development:Smart card development:• Java Card Framework vesion 2.2.1- building java applications on smart cards Java Card Framework vesion 2.2.1- building java applications on smart cards • IBM Java Card Open Platform tools (JCOP) , plug-in for Eclipse IDE IBM Java Card Open Platform tools (JCOP) , plug-in for Eclipse IDE

Operations: edit/simulate/install/delete java applications on smart card Operations: edit/simulate/install/delete java applications on smart card Client application development:Client application development:

• user interface in Swinguser interface in Swing• OpenCard Framework version 1.2, acting like a middle-tier between user inputs and OpenCard Framework version 1.2, acting like a middle-tier between user inputs and communication with the smart cardcommunication with the smart card• Java Cryptography Extensions,to implement various Java Cryptography Extensions,to implement various symmetric/asymmetric Cryptography algorithms, managing symmetric/asymmetric Cryptography algorithms, managing signature process and password based encryption/decryption signature process and password based encryption/decryption techniques techniques

System structureSystem structure – – Applications Applications

Two distinguished applicationsTwo distinguished applications::

• on card application – smartcard on card application – smartcard

• off card application – PC/workstationoff card application – PC/workstation

OffOff C Card ard ApplicationApplication– – GUIGUI

Organized data storage Organized data storage

OffOff C Cardard Application – communicationApplication – communication

This module communicates with the smartcard using This module communicates with the smartcard using APDU (Application Protocol Data Units) APDU (Application Protocol Data Units) ISO 7816 ISO 7816

HEADER BODY

CLA INS P1 P2 Lc DATA Le

OPTIONAL DATA

FIELDS SW1 SW2

Responsible entities able to write information on cardResponsible entities able to write information on card

doctordoctor

certificate authority certificate authority

Private Key/ Public KeyPrivate Key/ Public Key

Doctor Certificate Doctor Certificate

Private Key PKCS#8 256 bytes sample Private Key PKCS#8 256 bytes sample

Procedure to write data on smartcard Procedure to write data on smartcard

StepsSteps::

stostore message M in smartcard RAMre message M in smartcard RAM

sign message M using private key sign message M using private key inside private document inside private document

Procedure to write data on smartcard Procedure to write data on smartcard

pozitive result - data are stored definitely on persistent memory

negative result - discard data

Authentication proceduresAuthentication procedures

external authentication - private document is protected by password

internal authentication - smartcard authentication process to system

Questions ? Questions ?